Privacy and Security TidBits

The Thief, The Programmer,The Hacker and The Data Protection Authority: How ILITA Cracked The Case

 

At the 33rd International Conference of Data Protection and Privacy Commissioners, (CDPP), held in Mexico City on November 2 and 3, Yoram Hacohen, Head of Israeli Law, Information and Technology Authority (ILITA) and Ariel Shoham, Deputy Head of the Enforcement Department of ILITA, held a private briefing, where they explained how they cracked the biggest privacy breach case that ever occurred in Israel.

Just a week earlier,on Monday, October 24, ILITA (The Istraeli Law, Information and Technology Authority in the Israeli Ministry of Justice), Israel’s Data Protection Authority, had made the following announcement on its website::

“ILITA (The Israeli Law, Information and Technology Authority in the Israeli Ministry of Justice), Israel’s Data Protection Authority, has cracked the case involving the theft of Israel’s Population Registry, the development of bespoke search and navigation software, and their dissemination online.

 ILITA’s investigation revealed that in 2006, an individual outsourcing service provider to the Ministry of Welfare and Social Services downloaded and stored at his home a complete electronic copy of Israel’s Population Registry, which contains numerous data fields such as full name, identification number, address, date of birth, date of death, date of immigration to Israel, family ties etc. for more than 9 million Israeli citizens, including minors and the deceased.

The suspect disseminated to a third party a copy of the database, which subsequently reached a software developer who developed a program called “Agron 2006” to enable users to run complex searches and queries on the data, including navigating among family ties of the entire Israeli population. The “Agron” software was then cracked and eventually uploaded by a hacker to online peer to peer networks and disseminated worldwide. The hacker went further to create a website promoting the download and use of “Agron”, while implementing sophisticated means, such as proxy servers and purging of traces on his computer, to conceal his identity and try to evade Israeli jurisdiction .”

In this video, filmed by this author during the briefing at the CDPP Conference ,Yoram Hacohen, Head of ILITA and Ariel Shoham, Deputy Head of the Enforcement Department of ILITA, explain how they cracked the biggest ever Israeli privacy breach case.

They started by mapping the entire information infrastructure of the Ministry of Interior, where the breach had occurred, to understand the information flow. ILITA’s forensic lab then retrieved sixty five terabytes of information from diverse sources, most of which were obtained with court orders. Over 135,000 phone calls, 111 external hard drives, 3,232 CD’s, 25 desktops, 13 laptops, 15 USB drives, 45 internal HDs and 25 mobile phones were analyzed.

Watch this fascinating briefing to find out how the investigation led to the unmasking and arrest of six suspects and how one fatal “mistake” by the hacker who published the registry online led to his discovery.